Privacy Policy

Last updated: 29 January 2026

MEP1 BIM Ltd ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how personal information is collected, used, stored, and protected when using our internal timesheet and business management systems.

1. Who we are

Data Controller:
MEP1 BIM Ltd
United Kingdom

This system is operated solely for the internal business purposes of MEP1 BIM Ltd.

2. Who this system is for

This is a private business system. User accounts are created only by the business owner or authorised administrators for individuals who carry out work for MEP1 BIM Ltd on a self-employed basis and invoice the company for hours worked.

The system is not intended for public use.

3. Personal data we collect

Depending on your role and use of the system, we may store the following information:

• Name and initials
• Job role / worker type
• Timesheet entries (dates, hours worked, project references, task descriptions)
• Pay rates and cost information
• Project and commercial data linked to your work
• Typed signature name and signature timestamp (where used)
• Audit and activity records (such as when records are created, edited, or deleted)

We do not use analytics, marketing, or tracking technologies.

4. How we use your data

Personal data is used only for legitimate business purposes, including:

• Recording hours worked
• Managing projects and commercial information
• Producing invoices and financial records
• Meeting accounting, contractual, and legal obligations
• Maintaining audit trails and system security

We do not use personal data for marketing purposes.

5. Legal basis for processing

Personal data is processed under the following lawful bases:

• Performance of a contract – to record and manage work carried out
• Legal obligation – to meet accounting and record-keeping requirements
• Legitimate interests – to operate and secure internal business systems

6. Cookies and sessions

This website uses essential cookies only. These are required for:

• User authentication
• Session management
• Security and system integrity

These cookies are necessary for the system to function and cannot be disabled.

7. Data storage and security

Personal data is stored on servers provided by UK-based infrastructure providers. Automated backups are taken and stored securely using cloud backup services.

Access to data is restricted to authorised users only. Passwords are stored using industry-standard hashing techniques, and reasonable technical and organisational measures are in place to protect data from unauthorised access, loss, or misuse.

8. Data sharing

We do not sell, rent, or share personal data with third parties.

Data may be processed by infrastructure providers (such as hosting and backup services) solely where required to operate the system securely.

9. Data retention

Personal data is retained for a minimum of five (5) years, including for individuals who no longer carry out work for MEP1 BIM Ltd, where required for accounting, legal, or audit purposes.

Data may be securely deleted after this period where it is no longer required.

10. Your rights

Under UK data protection law, you have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of data where legally permissible
• Object to or restrict certain processing

Requests should be made to the business owner or administrator. Some data may need to be retained to meet legal obligations.

11. Children's data

This system is intended for business use only and is not designed for use by individuals under the age of 18.

12. Changes to this policy

This Privacy Policy may be updated from time to time to reflect changes in legal requirements or system functionality. The latest version will always be available on this page.